I forgot to mention that it would be best if you send the screenshot to the e-mail address provided in the plugin when clicking "Feedback, Bugs, or Feature Requests?"

As to why sucuri (free sitescan) and virustotal did not find anything, their services primarily scan the one page that was requested, in your case probably http://hipmouse.com/index.php. Because your site is not blacklisted and the index.php does not contain any suspicious code, the site is deemed to be clean.

The MVIS Security Center goes through all files and directories and looks for common script names that are normally used by attackers to control a site. So even if the suspicious file is hidden in any random folder of the WordPress directory, it would still be discovered and reported.

I still hope that this is not the case for you, so please send me the screenshot per mail and then we can figure it out.